
United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 
Address: COMMISSIONER FOR PATENTS 
P.O. Box 14S0 

Alexandria, Virginia 22313-I4S0 
www.tispto.gov 



APPLICATION NO. 


FILING DATE | 


FIRST NAMED INVENTOR 


1 ATTORNEY DOCKET NO. 


CONHRMATIONNO. 


10/075,926 


02/14/2002 


David Willming 


01-873 


1692 



7590 09/28/2005 

McDonnell Boehnen Hulbert & Berghoff 

32nd Floor 

300 S. Wacker Drive 

Chicago, IL 60606 



EXAMINER 



CHAI, LONGBIT 



ART UNIT 



PAPER NUMBER 



2131 

DATE MAILED: 09/28/2005 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 10/03) 



"1 


Application No. 

10/075,926 


Applicant(s) 

WILLMING ET AL 


Examiner 
Longbit Chai 


Art Unit 

2131 





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 
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DETAILED ACTION 



Priority 

1 . Applicant's claim for benefit of Continuing Application priority date under 35 
U.S.C. 120 is acknowledged. 

The application is filed on 2/14/2002 but is a Continuation-ln-Part of Application 
number 09/722.095 filed on 1/26/2001 . 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
A person shall be entitled to a patent unless - 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

2. Claims 1, 2 8 - 15, 19, 21, 23 and 24 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Hind (Patent Number: 6823454), in view of Rowney (Patent 
Number: 5996076). 



As per claim 1 , Hind teaches a method for automatic installation of a digital 
certificate on a network device in a data-over-cable system, the method comprising: 
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determining whether a digital certificate is installed on the network device (Hind: 
Column 14 Line 1 - 3); if not, generating a digital certificate filename on the network 
device (Hind: Column 13 Line 58 - 64). Hind teaches downloading the device 
certificate from the server device to client device (Hind: Column 13 Line 58 - 64); 
however, Hind does not disclose generating a digital certificate filename on the network 
device for downloading purpose. 

Rowney teaches generating a digital certificate filename on the network device 
(Rowney: Column 163 Line 22 - 26), 

sending a digital certificate request including the digital certificate filename to a 
predetermined network server; receiving a digital certificate file including at least one 
digital certificate from the network server; and storing the at least one digital certificate 
received from the network server on the network device (Rowney: Column 154 Line 62 
- 65 and Column 163 Line 22 - 24). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Rowney within the system of Hind 
because Rowney teaches a secure and flexible certificate delivery and installation 
method over a public communication system, such as internet (Rowney: Column 154 
Line 62 - 65, Column 1 63 Line 22 - 24 and Column 4 Line 1 - 4). 

As per claim 2 and 15, Hind as modified teaches having stored therein 
instructions for causing a processor to execute the method of claim 1 (Hind: Figure 1 A). 
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As per claim 8, Hind as modified teaches obtaining a globally routable network 
address on the network device prior to sending the digital certificate request to the 
network server (Hind: Column 13 Line 29 - 40: the Domain Name Server DNS/DHCP 
system assures that both the server and client (i.e. server device and client device) 
must use a globally routable network address (i.e. global IP address) in order to access 
the network entities on external networks); and employing the globally routable network 
address for sending the digital certificate request to the network server (Hind: Column 
13 Line 29 - 40: the request / response are exchanges with standard global IP protocol 
messages). 

As per claim 9, Hind as modified teaches retrieving network address information 
from at least one data packet sent from at least one customer entity (Hind: Column 2 
Line 63: masquerading attack as disclosed by Hind is a way to retrieve network address 
information from at least one data packet sent from at least one customer entity); and 
obtaining a physical address of a network gateway associated with the at least one 
customer entity (Hind: Column 2 Line 21 - 48: the MAC address (besides the IP 
address) of the router / gateway is needed for the routing protocol before the messages 
can be successfully routed over the networks via network router located on its own 
network segment (or subnet)). 

As per claim 10, Hind as modified teaches the network address information 
comprises on Internet Protocol address and a Medium Access Control address 
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associated with the customer entity (Hind: Column 2 Line 16-67: both Internet Protocol 
address and a Medium Access Control address are required for standard IP network 
protocol). 

As per claim 11, Hind as modified teaches validating the at least one digital 
certificate received from the network server prior to storing the at least one digital 
certificate on the network device (Hind: Column 14 Line 12-14). 

As per claim 12, Hind as modified teaches the at least one digital certificate 
comprises a device digital certificate (Hind: Column 13 Line 13-14). 

As per claim 13, Hind as modified teaches the at least one digital certificate 
further comprises a network device manufacturer digital certificate (Hind: Column 14 
Line 2). 

As per claim 14 and 21 , claim 14 and 21 do not further teach over claim 1 . 
Therefore, see same rationale addressed above in rejecting claim 1, 

As per claim 19, Hind as modified teaches the at least one digital certificate for 
the network device is generated on the network server (Hind: Column 13 Line 58 - 64). 
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As per claim 23, Hind as modified teaches wherein the network server's address 
is installed on the network device prior to requesting, the digital certificate from the 
predetermined network server (Hind: Column 1 Line 40 - 42: constant IP address). 

As per claim 24, Hind as modified teaches the network device is further arranged 
to install the digital certificate in a memory unit upon receiving the digital certificate from 
the network server (Hind: Column 13 Line 58 - 64). 

3. Claims 3 - 7, 16, 18, 22 and 25 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Hind (Patent Number: 6823454), in view of Rowney (Patent Number: 
5996076), in view of Loukianov (Patent Number: 6715075). 

As per claim 3, 18 and 22, Hind as modified does not disclose the network device 
comprises a cable modem, and the network server comprises a Trivial File Transfer 
Protocol server. 

Loukianov teaches the network device comprises a cable modem, and the 
network server comprises a Trivial File Transfer Protocol server (Loukianov: Column 1 
Line 65 - 67, Column 2 Line 1 1 - 22 and Column 3 Line 45 - 55), 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Loukianov within the system of Hind as 
modified because (a) Hind teaches device certificate authentication mechanism and (b) 
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Loukianov teaches providing a secure device certificate method for cable modem 
systems by using a hash signature (Loukianov: 2 Line 11 - 22), 

As per claim 4 and 25, Hind as modified teaches the digital certificate comprises 
an X.509 security digital certificate (Loukianov: Column 3 Line 54 - 55). Same rationale 
of combination applies here as above in rejecting the claim 3. 

As per claim 5 and 16, Hind teaches a device ID is included in the device 
certificate (Hind: Column 3 Line 60 - 61 ). However, Hind does not disclose expressly a 
digital certificate filename comprises using a type of the network device, a physical 
address of the network device and an authentication data string. 

Loukianov teaches a digital certificate filename comprises using a type of the 
network device, a physical address of the network device and an authentication data 
string (Loukianov: Column 2 Line 50 - 54 and Column 2 Line 19-20; Hind: Column 3 
Line 60 - 61 : Examiner notes a certificate filename is used to uniquely identify a device 
certificate and thereby certificate ID is equivalent to a certificate filename. Device 
certificate ID includes a device ID (Hind: Column 3 Line 60-61) and, besides, the cable 
modem device can also uniquely identified by MAC address and a certificate can be 
uniquely identified by certificate hash value as taught by Loukianov (Loukianov: Column 
2 Line 50 - 54 and Column 2 Line 1 9 - 20). Therefore, a digital certificate filename 
comprises using a type of the network device, a physical address of the network device 
and an authentication data string). 
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Same rationale of combination applies here as above in rejecting the claim 3. 

As per claim 6, Hind as modified teaches the authentication data string is 
generated on the network device by applying a hash function to at least one 
configuration setting associated with the network device (Loukianov: Column 2 Line 19 
-20). 

As per claim 7, Hind as modified teaches the at least one configuration setting 
comprises a MAC address, a serial number or a secret string (Loukianov: Column 2 
Line 19-20). 

4. Claim 20 is rejected under 35 U.S.C. 103(a) as being unpatentable over Hind 
(Patent Number: 6823454), in view of Rowney (Patent Number: 5996076), and in view 
of Kent (Patent Number: 6671804). 

As per claim 20, Hind as modified does not disclose expressly requesting a 
digital certificate from a second network server upon receiving the digital certificate 
request from the network device; and receiving the digital certificate on the network 
server from the second network server, wherein the second network server comprises a 
certificate authority server. 

Kent teaches requesting a digital certificate from a second network server upon 
receiving the digital certificate request from the network device; and receiving the digital 
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certificate on the network server from the second network server, wherein the second 
network server comprises a certificate authority server (Kent: Figure 1 Element 
1 10/120/130 and Column 4 Line 27 - 30). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Kent within the system of Hind as 
modified because (a) Hind teaches device certificate authentication mechanism and (b) 
Kent teaches providing a enhanced secure validation mechanisms by verifying the 
certificate requests information from a plurality of requesters (Kent: Column 2 Line 59 - 
63, Column 10 Line 9 - 40). 

5. Claim 17 is rejected under 35 U.S.C. 103(a) as being unpatentable over Hind 
(Patent Number: 6823454), in view of Rowney (Patent Number: 5996076), in view of 
Loukianov (Patent Number: 6715075), and in view of Kent (Patent Number: 6671804). 

As per claim 17, Hind as modified does not disclose generating an authentication 
data string on the network server; and comparing the authentication string generated on 
the network server with the authentication data string specified in the received digital 
certificate filename. 

Kent teaches generating an authentication data string on the network server; and 
comparing the authentication string generated on the network server with the 
authentication data string specified in the received digital certificate filename (Kent: 
Column 1 0 Line 9 - 40: the authentication string is the public key of the requester). 
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It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Kent within the system of Hind as 
modified because (a) Hind teaches device certificate authentication mechanism and (b) 
Kent teaches providing a enhanced secure validation mechanisms by verifying the 
certificate requests information from a plurality of requesters (Kent: Column 2 Line 59 - 
63, Column 10 Line 9 - 40). 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Longbit Chai whose telephone number is 571-272-3788. 
The examiner can normally be reached on Monday-Friday 8:00am-4:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on 571-272-3795. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 




Longbit Chai 
Examiner 
Art Unit 2131 




